Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
File:                     oYNGitFuaZjU23dpvvv6BuofE0I.mft (raw, json)
Hash identifier:          QUlzEBd7KtNpLONlQTQnZbgyo0XCcjthqkXcz+vLbzE=
Subject key identifier:   70:67:B9:CB:8F:C0:2D:6D:F7:48:85:35:C9:CE:26:AD:65:6C:4A:EE
Authority key identifier: A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42
Certificate issuer:       /CN=a183468ad16e6998d4db7769befbfa06ea1f1342
Certificate serial:       019676E802A91B1C134C19E8D9835B14A7E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
Manifest number:          0E8B
Signing time:             Sun 27 Apr 2025 11:00:38 +0000
Manifest this update:     Sun 27 Apr 2025 11:00:38 +0000
Manifest next update:     Mon 28 Apr 2025 11:00:38 +0000
Files and hashes:         1: oYNGitFuaZjU23dpvvv6BuofE0I.crl (hash: /LGu1WI9bLOcnD8718OSg/+qLNU1k5KKQYcY5Xt1ayo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Apr 2025 11:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:76:e8:02:a9:1b:1c:13:4c:19:e8:d9:83:5b:14:a7:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a183468ad16e6998d4db7769befbfa06ea1f1342
        Validity
            Not Before: Apr 27 11:00:38 2025 GMT
            Not After : Apr 28 11:00:38 2025 GMT
        Subject: CN=7067b9cb8fc02d6df7488535c9ce26ad656c4aee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:0b:fc:46:05:c6:82:b0:85:ff:a2:2a:d4:b6:
                    bf:20:a2:f3:1e:45:99:e1:6b:7f:13:ff:ab:cc:84:
                    2a:63:88:ee:35:2f:41:5c:6b:1c:8d:96:e8:83:2a:
                    d5:7a:63:68:9e:86:18:8d:9f:2b:97:7f:cf:82:62:
                    16:66:d0:1e:e7:14:c6:e9:8c:8b:da:ea:12:82:bc:
                    94:30:bd:44:ad:ee:d2:f2:0c:b5:9d:99:71:39:ee:
                    d3:42:5d:09:e6:77:08:20:3b:e6:35:04:ef:5a:37:
                    72:12:5a:97:0f:54:f1:48:de:13:f4:57:71:06:b4:
                    36:93:9f:bf:4b:47:68:3f:00:21:7b:2c:e3:ee:a6:
                    c0:16:4c:ea:2c:cb:20:40:7d:d5:f8:41:a4:d4:98:
                    8e:e0:4b:51:4a:68:3d:37:b8:c5:86:5e:dc:d8:91:
                    b5:b2:63:99:f9:03:8a:13:96:35:c3:a1:44:41:89:
                    70:7c:24:2e:98:ca:41:ad:53:04:c7:f7:78:04:71:
                    5c:ce:17:47:11:1b:d1:54:41:61:19:47:5e:4b:8c:
                    1e:77:49:07:58:d4:b7:98:61:9e:5e:fc:51:11:be:
                    5f:ab:fa:af:18:12:d8:e6:0b:9b:9f:ac:e8:2b:02:
                    0e:0c:18:74:62:0a:f9:e5:94:60:f0:8c:e7:4a:d3:
                    ce:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:67:B9:CB:8F:C0:2D:6D:F7:48:85:35:C9:CE:26:AD:65:6C:4A:EE
            X509v3 Authority Key Identifier:
                keyid:A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:16:ae:ed:83:80:75:cc:19:89:df:72:f4:f8:67:49:32:85:
         62:59:c2:7b:d4:22:5c:63:ff:80:32:5a:07:43:9b:a6:59:02:
         ed:6b:70:06:91:17:c5:80:90:90:83:90:ee:ff:5e:32:a7:82:
         ed:bd:1a:74:a7:dc:a1:29:a0:98:68:61:a2:ce:9f:26:63:b0:
         c1:5a:06:37:53:e9:a4:e1:e7:4f:67:c2:ca:1e:e4:34:bb:0a:
         2c:38:9e:53:29:1a:17:b3:3e:68:ac:50:ba:df:f4:59:5b:dd:
         aa:47:fb:de:18:b0:35:04:2c:e4:70:ce:0d:d6:f0:14:b3:10:
         0b:71:bc:9d:f9:73:31:0b:ce:dd:54:dc:a8:ae:76:a8:b1:af:
         d2:5d:18:bf:a9:be:37:db:68:63:ca:e4:52:c4:0e:06:8f:b1:
         a4:f1:b0:26:0b:8d:f1:ed:db:2e:5e:8e:bf:78:14:1b:d2:c3:
         51:70:a7:fc:f2:c2:3e:2e:05:9b:26:3f:13:32:5d:69:cd:f5:
         18:8d:e8:56:98:c9:57:62:b1:e0:55:88:83:93:d6:7a:c8:e9:
         d2:c8:0d:c7:4b:d9:02:d1:01:da:4c:c8:8f:2a:8e:62:03:33:
         c1:24:d1:b7:e7:87:c0:dc:ec:01:aa:05:f0:01:c2:03:51:9a:
         ae:f9:78:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZZ26AKpGxwTTBno2YNbFKfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODM0NjhhZDE2ZTY5OThkNGRiNzc2OWJlZmJmYTA2ZWEx
ZjEzNDIwHhcNMjUwNDI3MTEwMDM4WhcNMjUwNDI4MTEwMDM4WjAzMTEwLwYDVQQD
Eyg3MDY3YjljYjhmYzAyZDZkZjc0ODg1MzVjOWNlMjZhZDY1NmM0YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAv8RgXGgrCF/6Iq1La/IKLzHkWZ
4Wt/E/+rzIQqY4juNS9BXGscjZbogyrVemNonoYYjZ8rl3/PgmIWZtAe5xTG6YyL
2uoSgryUML1Ere7S8gy1nZlxOe7TQl0J5ncIIDvmNQTvWjdyElqXD1TxSN4T9Fdx
BrQ2k5+/S0doPwAheyzj7qbAFkzqLMsgQH3V+EGk1JiO4EtRSmg9N7jFhl7c2JG1
smOZ+QOKE5Y1w6FEQYlwfCQumMpBrVMEx/d4BHFczhdHERvRVEFhGUdeS4wed0kH
WNS3mGGeXvxREb5fq/qvGBLY5gubn6zoKwIODBh0Ygr55ZRg8IznStPO4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBnucuPwC1t90iFNcnOJq1lbEruMB8GA1UdIwQY
MBaAFKGDRorRbmmY1Nt3ab77+gbqHxNCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2Mt
MzcxYWM3YzY1NGRhLzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2MtMzcxYWM3YzY1NGRh
LzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAhau7YOA
dcwZid9y9PhnSTKFYlnCe9QiXGP/gDJaB0ObplkC7WtwBpEXxYCQkIOQ7v9eMqeC
7b0adKfcoSmgmGhhos6fJmOwwVoGN1PppOHnT2fCyh7kNLsKLDieUykaF7M+aKxQ
ut/0WVvdqkf73hiwNQQs5HDODdbwFLMQC3G8nflzMQvO3VTcqK52qLGv0l0Yv6m+
N9toY8rkUsQOBo+xpPGwJguN8e3bLl6Ov3gUG9LDUXCn/PLCPi4FmyY/EzJdac31
GI3oVpjJV2Kx4FWIg5PWesjp0sgNx0vZAtEB2kzIjyqOYgMzwSTRt+eHwNzsAaoF
8AHCA1Garvl4MA==
-----END CERTIFICATE-----